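#!/usr/bin/env bash
# Build driver for the mach-o import/export stripping PoC.
#
# Usage: build.sh [VERSION] [LOGIC]
#   VERSION  deployment target passed as -mmacosx-version-min (default 14).
#            A value >= 14 is reported as using the MODERN symbol resolver,
#            anything lower as the LEGACY one.
#   LOGIC    which flow to run (default 0):
#     0  clang-format every *.cc in the current directory
#     1  full PoC flow (placeholder, not implemented yet)
#     2  re-export test: libc -> libb (re-exports libc) -> a, C++ program
#     3  same layout as 2, but `a` is an Objective-C program (a.mm)
#     *  rpath test: libc with an @rpath install_name, `a` linked with
#        several -rpath entries
#
# All artifacts are written to ./out. The ios-wrapper tool is expected at
# ../../macho-go/bin/ios-wrapper relative to the current directory.

set -euo pipefail

VERSION=${1:-14}
LOGIC=${2:-0}
OUT=./out
WRAPPER=../../macho-go/bin/ios-wrapper

die() { printf '%s\n' "$*" >&2; exit 1; }

# Both arguments are evaluated arithmetically below ([[ -ge ]], $(( ))), and
# bash arithmetic will expand arbitrary expressions; restrict them to digits
# before they get there.
[[ $VERSION =~ ^[0-9]+$ ]] || die "VERSION must be a non-negative integer, got: $VERSION"
[[ $LOGIC =~ ^[0-9]+$ ]] || die "LOGIC must be a non-negative integer, got: $LOGIC"

#######################################
# Build libc.dylib and a placeholder libb.dylib that re-exports it.
# Globals:   VERSION, OUT (read)
# Outputs:   $OUT/libc.dylib, $OUT/libb.dylib
#######################################
build_reexport_libs() {
  # libc to test reexport custom lib
  clang++ -mmacosx-version-min="$VERSION" -o "$OUT/libc.dylib" -shared c.cc
  # create our dummy lib first; the linker records libc's own install name,
  # so passing "$OUT/libc.dylib" here is the same as the former "out/libc.dylib"
  clang++ -mmacosx-version-min="$VERSION" -o "$OUT/libb.dylib" -shared \
    -Wl,-reexport_library "$OUT/libc.dylib" dummy.cc
}

#######################################
# LOGIC=2: strip imports, exports and the symbol table from `a`, then
# rebuild libb from the symbol cell extracted out of it.
# Globals:   VERSION, OUT, WRAPPER (read)
# Outputs:   $OUT/a, $OUT/a-fixed, $OUT/b.bcell, $OUT/b.h, $OUT/libb.dylib
#######################################
flow_reexport() {
  build_reexport_libs
  # build a references libb
  clang++ -mmacosx-version-min="$VERSION" -o "$OUT/a" -L"$OUT" \
    -Xlinker -no_data_const -lb a.cc
  # extract symbols from a
  "$WRAPPER" pepe -o "$OUT/a-fixed" -b "$OUT/b.bcell" \
    --remove-imports --remove-exports --remove-symbol-table "$OUT/a"
  "$WRAPPER" bcell2header -b "$OUT/b.bcell" -o "$OUT/b.h"
  # build libb with symbols extracted from a
  clang++ -mmacosx-version-min="$VERSION" -o "$OUT/libb.dylib" -shared \
    -Wl,-reexport_library "$OUT/libc.dylib" b.cc
  # ad-hoc re-sign a-fixed (the original passed the path twice; once is enough)
  codesign --force --deep -s - "$OUT/a-fixed"
}

#######################################
# LOGIC=3: same as flow_reexport but `a` is an Objective-C program, the
# symbol table is kept, and the patched binary is executed at the end.
# Globals:   VERSION, OUT, WRAPPER (read)
# Outputs:   $OUT/a, $OUT/a-fixed, $OUT/b.bcell, $OUT/b.h, $OUT/libb.dylib
# Returns:   exit status of $OUT/a-fixed
#######################################
flow_objc() {
  build_reexport_libs
  # build a references libb
  clang -fobjc-arc -ObjC -mmacosx-version-min="$VERSION" -o "$OUT/a" -L"$OUT" -lb a.mm
  # extract symbols from a
  # "$WRAPPER" pepe -o "$OUT/a-fixed" -b "$OUT/b.bcell" --remove-imports --remove-exports --remove-symbol-table --keep-imports _printf "$OUT/a"
  "$WRAPPER" pepe -o "$OUT/a-fixed" -b "$OUT/b.bcell" \
    --remove-imports --remove-exports "$OUT/a"
  "$WRAPPER" bcell2header -b "$OUT/b.bcell" -o "$OUT/b.h"
  # build libb with symbols extracted from a
  clang++ -mmacosx-version-min="$VERSION" -o "$OUT/libb.dylib" -shared \
    -Wl,-reexport_library "$OUT/libc.dylib" b.cc
  # "$WRAPPER" pepe -o "$OUT/libb.dylib" -b "$OUT/libb.bcell" --remove-imports --remove-exports --keep-imports _dyld_get_sdk_version --keep-imports _malloc --keep-imports _printf --keep-imports ___stack_chk_guard "$OUT/libb.dylib"
  # resign
  codesign --force --deep -s - "$OUT/a-fixed"
  codesign --force --deep -s - "$OUT/libb.dylib"
  # export OBJC_PRINT_LOAD_METHODS=1
  # export OBJC_PRINT_CLASS_SETUP=1
  "$OUT/a-fixed"
  # unset OBJC_PRINT_LOAD_METHODS
  # unset OBJC_PRINT_CLASS_SETUP
}

#######################################
# Default flow: libc gets an @rpath install_name, `a` is linked directly
# against it with several -rpath entries, then imports/exports are stripped
# from `a` and a restoration libb is built from the extracted symbols.
# Globals:   VERSION, OUT, WRAPPER (read)
# Outputs:   $OUT/libc.dylib, $OUT/a, $OUT/a-fixed, $OUT/b.bcell, $OUT/b.h,
#            $OUT/libb.dylib
# Returns:   exit status of $OUT/a-fixed
#######################################
flow_rpath() {
  # test rpath
  clang++ -mmacosx-version-min="$VERSION" -o "$OUT/libc.dylib" \
    -install_name @rpath/libc.dylib -shared c.cc
  # linked with libd
  # with rpath = $OUT
  # (the original left a trailing "\" before the next comment line, which
  # silently glued that comment onto this command; it is dropped here)
  clang++ -mmacosx-version-min="$VERSION" -Xlinker -no_data_const -o "$OUT/a" \
    -rpath ./heheeeekkkkkkk \
    -rpath "$OUT" \
    -rpath ./hehe \
    -rpath ./haha \
    "$OUT/libc.dylib" a.cc
  # extract symbols from a
  # NOTE(review): "-l out/libb.dylib" is kept literal (not "$OUT/...") because
  # the wrapper may record this string inside a-fixed — confirm before changing
  "$WRAPPER" pepe -o "$OUT/a-fixed" -b "$OUT/b.bcell" -l out/libb.dylib \
    --remove-imports --remove-exports "$OUT/a"
  # build restoration libb with symbols extracted from a
  "$WRAPPER" bcell2header -b "$OUT/b.bcell" -o "$OUT/b.h"
  clang++ -mmacosx-version-min="$VERSION" -o "$OUT/libb.dylib" -shared b.cc
  # obfuscate libb (bugged)
  # "$WRAPPER" pepe -o "$OUT/libb.dylib" -b "$OUT/libb.bcell" --remove-imports --remove-exports --keep-imports _dyld_get_sdk_version --keep-imports _malloc --keep-imports _printf --keep-imports ___stack_chk_guard "$OUT/libb.dylib"
  # resign
  codesign --force --deep -s - "$OUT/a-fixed"
  codesign --force --deep -s - "$OUT/libb.dylib"
  # export OBJC_PRINT_LOAD_METHODS=1
  # export OBJC_PRINT_CLASS_SETUP=1
  "$OUT/a-fixed"
  # unset OBJC_PRINT_LOAD_METHODS
  # unset OBJC_PRINT_CLASS_SETUP
}

mkdir -p -- "$OUT"
printf 'using mach-o version %s\n' "$VERSION"
if (( VERSION >= 14 )); then
  printf '%s\n' "Resulting binary uses MODERN symbol resolver"
else
  printf '%s\n' "Resulting binary uses LEGACY symbol resolver"
fi

# $((LOGIC)) normalises the digit string (e.g. "00" -> 0) so the match keeps
# the arithmetic semantics of the original [[ -eq ]] comparisons.
case "$((LOGIC))" in
  0)
    clang-format -i -style=llvm *.cc
    ;;
  1)
    # full poc flow
    echo "to be continue"
    # remove imports
    # remove mod init
    # remove symtab dysymtab
    # fix link edit section
    ;;
  2)
    # remove imports test
    flow_reexport
    ;;
  3)
    # remove imports test
    flow_objc
    ;;
  *)
    # remove imports test
    flow_rpath
    ;;
esac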